
3297 matches found

Amazon
added 2025/03/06 12:0 a.m. | 3 views

Important: python-jinja2

Issue Overview: Jinja is an extensible templating engine. Prior to 3.1.6, an oversight in how the Jinja sandboxed environment interacts with the |attr filter allows an attacker that controls the content of a template to execute arbitrary Python code. To exploit the vulnerability, an attacker need...

CVSS 8.8 | AI score 7.5 | EPSS 0.00465
Exploits: 0

Amazon
added 2025/03/06 12:0 a.m. | 27 views

Medium: openssh

Issue Overview: A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying...

CVSS 6.8 | AI score 7 | EPSS 0.06997
Exploits: 4

Amazon
added 2025/03/06 12:0 a.m. | 7 views

Important: kernel

Issue Overview: Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access. CVE-2021-33061 In the Linux kernel, the following vulnerability has been resolved: smb: client: fix...

CVSS 7.8 | AI score 6.1 | EPSS 0.00279
Exploits: 0

Amazon
added 2025/03/06 12:0 a.m. | 13 views

Medium: binutils

Issue Overview: A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack...

CVSS 7.5 | AI score 6.6 | EPSS 0.00732
Exploits: 1

Amazon
added 2025/03/06 12:0 a.m. | 20 views

Medium: gcc10-binutils

Issue Overview: A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack...

CVSS 7.5 | AI score 6.6 | EPSS 0.00732
Exploits: 1

Amazon
added 2025/03/06 12:0 a.m. | 26 views

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tipc: wait and exit until all work queues are done CVE-2021-47163 Placeholder CVE. Details forthcoming CVE-2024-10929 In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string...

CVSS 7.8 | AI score 7.3 | EPSS 0.0028
Exploits: 0

Tenable Nessus
added 2025/03/06 12:0 a.m. | 8 views

Amazon Linux 2 : ecs-init (ALASECS-2025-049)

The version of ecs-init installed on the remote host is prior to 1.89.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-049 advisory. An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resultin...

CVSS 5.3 | AI score 7.3 | EPSS 0.00856
Exploits: 0 | References: 4

Tenable Nessus
added 2025/03/06 12:0 a.m. | 7 views

Amazon Linux 2 : ecs-init (ALASECS-2025-051)

The version of ecs-init installed on the remote host is prior to 1.75.3-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2ECS-2025-051 advisory. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures...

CVSS 5.3 | AI score 7 | EPSS 0.01328
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 18 views

Amazon Linux 2 : grub2 (ALAS-2025-2756)

The version of grub2 installed on the remote host is prior to 2.06-14. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2756 advisory. GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...

CVSS 8.8 | AI score 7.2 | EPSS 0.00708
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 10 views

Amazon Linux 2 : docker (ALASNITRO-ENCLAVES-2025-050)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NITRO-ENCLAVES-2025-050 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims c...

CVSS 3.1 | AI score 7 | EPSS 0.00521
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 18 views

Amazon Linux 2 : python-pillow (ALAS-2025-2768)

The version of python-pillow installed on the remote host is prior to 2.0.0-23.gitd1c6db8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2768 advisory. PIL/IcnsImagePlugin.py in Python Imaging Library PIL and Pillow before 2.3.2 and 2.5.x before 2.5.2 allows remote...

CVSS 5 | AI score 6.8 | EPSS 0.03587
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 16 views

Amazon Linux 2 : emacs (ALAS-2025-2757)

The version of emacs installed on the remote host is prior to 27.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2757 advisory. In elisp-mode.el in GNU Emacs through 30.0.92, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted...

CVSS 7.8 | AI score 8.1 | EPSS 0.00526
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 10 views

Amazon Linux 2 : gsl (ALAS-2025-2758)

The version of gsl installed on the remote host is prior to 1.15-13. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2758 advisory. GSL GNU Scientific Library through 2.8 has an integer signedness error in gsl_siman_solve_many in siman/siman.c. When params.ntries is...

CVSS 3.6 | AI score 5.2 | EPSS 0.00282
Exploits: 1 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 16 views

Amazon Linux 2 : python-ipaddress (ALAS-2025-2761)

The version of python-ipaddress installed on the remote host is prior to 1.0.16-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2761 advisory. The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as...

CVSS 7.5 | AI score 6.8 | EPSS 0.01034
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 15 views

Amazon Linux 2 : glib2 (ALAS-2025-2767)

The version of glib2 installed on the remote host is prior to 2.56.1-9. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2767 advisory. GLib's GVariant deserialization prior to GLib 2.74.4 failed to validate the input conforms to the expected format, leading ...

CVSS 7.8 | AI score 7.2 | EPSS 0.00774
Exploits: 0 | References: 12

Tenable Nessus
added 2025/02/26 12:0 a.m. | 20 views

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-063)

The version of kernel installed on the remote host is prior to 5.15.178-120.178. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-063 advisory. Integer Overflow or Wraparound vulnerability in Linux kernel on x86 and ARM md, raid, raid5 modules allo...

CVSS 7.8 | AI score 6.4 | EPSS 0.00585
Exploits: 2 | References: 66

Tenable Nessus
added 2025/02/26 12:0 a.m. | 11 views

Amazon Linux 2 : docker (ALASDOCKER-2025-051)

The version of docker installed on the remote host is prior to 25.0.8-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2DOCKER-2025-051 advisory. golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead ...

CVSS 3.1 | AI score 7 | EPSS 0.00521
Exploits: 0 | References: 4

Tenable Nessus
added 2025/02/26 12:0 a.m. | 21 views

Amazon Linux 2 : kernel (ALASKERNEL-5.4-2025-094)

The version of kernel installed on the remote host is prior to 5.4.290-205.397. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2025-094 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv6: fix possible UAF in...

CVSS 7.8 | AI score 6.4 | EPSS 0.0028
Exploits: 0 | References: 72

Tenable Nessus
added 2025/02/26 12:0 a.m. | 13 views

Amazon Linux 2 : python3 (ALAS-2025-2754)

The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2754 advisory. The urllib.parse.urlsplit and urlparse functions improperly validated bracketed hosts, allowing hosts that weren't IPv6 ...

CVSS 7.5 | AI score 6.9 | EPSS 0.02303
Exploits: 1 | References: 8

Tenable Nessus
added 2025/02/26 12:0 a.m. | 16 views

Amazon Linux 2 : vim (ALAS-2025-2753)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2753 advisory. Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode -s -e, Vim typically doesn't show a screen and just operates silently in batch mod...

CVSS 5.5 | AI score 5.4 | EPSS 0.00263
Exploits: 0 | References: 4